At a glance: The security vulnerability CVE-2026-35273 exploitable in PeopleSoft PeopleTools is actively being attacked by the hacker group ShineyHunters.
Oracle has publicly disclosed a security flaw in PeopleSoft PeopleTools (CVE-2026-35273). Mandiant is already observing that the hacker group ShineyHunters is abusing the vulnerability for intrusion attempts.
Oracle published a warning regarding the security vulnerability CVE-2026-35273 in PeopleSoft PeopleTools. The flaw is currently being actively exploited, as documented by Mandiant (a subsidiary of Google and specialized in threat intelligence).
The hacker group ShineyHunters is deliberately using the vulnerability to gain unauthorized access to systems. This is particularly critical because PeopleSoft is deployed as a human resource management and financial system in many enterprise environments.
Administrators and CISOs whose organizations operate PeopleSoft PeopleTools should take immediate action: deploy patches, monitor systems, and review access logs for suspicious activities. The active exploitation by a known hacker group underscores the urgency.
Source: borncity.com · Published 13 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.